Overview

overview

6

Static

static

1

1a4cd89a76...8.html

windows7-x64

6

1a4cd89a76...8.html

windows10-2004-x64

6

Analysis

  • max time kernel
    143s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30-12-2023 13:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1a4cd89a7631096f20e33411961dfa28.html

  • Size

    97KB

  • MD5

    1a4cd89a7631096f20e33411961dfa28

  • SHA1

    80b3a3cb3444ddb5db1f5e8c69fb29d6e7fe8e17

  • SHA256

    32efee7a342ef2420681baf937453a1ea5b77d2436ba38fc7165b3a1fb1943c2

  • SHA512

    3e722314c1a5182e505a081b81facfe0ea167e9313e6614cb3a88c336f1c3f790d8ce825227d9b82ecb67bfe32fd084d768ec4025ceb6ef712c892ad87136609

  • SSDEEP

    3072:7VXh/odbnckaYJNQMcNf+oJgoxR3+e0u+trNNBuFB:Rh/okypi

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
    "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2372 CREDAT:275457 /prefetch:2
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2304
  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\1a4cd89a7631096f20e33411961dfa28.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2372

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4702c1891ac359416f58e4ae4419ff39

    SHA1

    375f2c0cb7df18604ddf8edb3e5f8fd2486e6ed3

    SHA256

    68f9ec32e52371ddd86bf116205cdf308ecd17991af3080a5250d0c7f1ff6b7e

    SHA512

    7e374e3cf118f6561a50175030dc9c472120da6db270e7038bfd7108cb0ceebd8dce0a120aaa36512937ea6619b560712b3917c178ccdbe53035892a87899bb4

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    97dd24251116e3d7bad55b9e8394ef88

    SHA1

    fbc86b66268793c7aa7ed70b7e725ec0531987fa

    SHA256

    071251c51eb7e6c7a3dec0e7d9e61b4c3296b1c7e2365d7200bd3a6b0b93a28e

    SHA512

    3b30235003320b31f7edf0fdfc3647e92b3af8acd1b0d8568051ceb068fe211745ebe82a432dd37bcb60ab9ba9bcddd11851b3787c7648a820a48ca78a46934a

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    bab4b235e11592b0c7d49289f7b3e282

    SHA1

    febc022df19d965f231eb421543d7c0f79902ba9

    SHA256

    ea6069d443d490de5d0b21adcfdc3eaad3f1dc3aa345a5a060a52f0bf8ef1371

    SHA512

    c7e9c459f01773aa9914203e51a9e5c95bb6b58af34a98d5f0e731faa5ea419b04057cc428c08d7bb7884dc7ff7510eb157a9fd02ad9bfb28d6ec576cd3fa287

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a3c5a0085b2d8e893e9dc9cf14a4bd55

    SHA1

    ec505e2f6f2136550dd93b91aef9ded1bb74f61a

    SHA256

    47fda141ee92de4d395b47d92735a47ec5602bc6085e91350b5740c15e5624f7

    SHA512

    1666b3ddf09d1429ec720756c27e1710a8b9c2575291c667e304a3524340640cc9cd9696871f323d7ba238c87e57a9aa1221b9dba51169b4f868f81a6cc3a5df

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    4a1475c1777ca1981697d815f0f1ca19

    SHA1

    9dc0454052fc8a80819634da7d61bbf54f176115

    SHA256

    5b1abd313cf20d2ed0b08bfbe848926646d1441ce8031f166021ddf02905f5d4

    SHA512

    636fa2bf96d56bffaf5bffa53335f3f16c43ab7b5cadef311438e165afa5aafa9b3a0f8ed363d8f278c26b6429f24bec080e509b3c9f393121a70725f9f97392

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    615109f7e498ddba504c263c047cd976

    SHA1

    7654e11c54fc6fffa97fae39a820b8603b7c5385

    SHA256

    a7e21eaec2d3ea2518d09f040409f4f7e2137ec5707975a1b3468f53224e8602

    SHA512

    b310db713c66a48a9f3e22208bf13b4b26fbc884afd64ee42dec5f91cc72df5bfe78980efa5aabb5698808bbcdf5fd4e5abfe652d2e1c20bc9c9e3d46b078e47

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ba00fe5a4b4068ce28f39ada7d6e39a6

    SHA1

    b6e7d0b32e61ec381c23fa20c639c3ed9106fe9a

    SHA256

    f88f89366850a27bbe46b30def8c56be144354a5abb04b682cfcfec9feea124f

    SHA512

    f54cc8d0c638799c4e7708edefedee3f8c983277b30322970a4de5e6dcc11d0d2b8e954ade7924b7623e4af549603e633cfc570b3dc67480338a7278a4fd9e3f

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    45623b5334860679468c5bed0473b4ae

    SHA1

    82fc70c5e4b996ae295b46c8f786d2d330decfbe

    SHA256

    7724f2dd2b8c17d2a8712e335e7cbbd8d33350767589ff8c58a8bc965b5250a8

    SHA512

    3e56009f6aee053fd184b2baee1cf3a7fab9b6bd94a59d50cf5f729dc49c55a63544767213d517b22e212b57434d6e38ce60f628cb2a5263c93aa0e5f9578210

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    44189509c149a77431a6e1ac5a148611

    SHA1

    e0169ad204cb830cfbeeee276a056f51abe109eb

    SHA256

    57c8129fcd36b76bbc851d9ba027ac6773224cb4904d43006e33f58833fa03d5

    SHA512

    daa3d1afddcd9669bafe9e51217d0acd60cafa40ef3c0aeefec43bb95457d338685618ad2449d9b8e258ba3e5e876d676c207aa776374c84eb68d828a5af3a39

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    5a7d4233eebe71c19b396dcf8a15ea50

    SHA1

    fbdd25c021189da55e323b7c493f742da96a9b7e

    SHA256

    549678018df837159110c1739de33a367d4166c79879f3a6ca0ca3ec5274ff70

    SHA512

    f6cec4e742fe6e297dd6bf524b5f7b6762454b64aaa189e5a2db0d7e873527a4132ab7c8615efe5ac1972f233e48f805bc7097a4a8e9a284a7cd9c0e23c0aff2

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    ff96a59e2b1ce52f5b9dbab858a52020

    SHA1

    048fb50b626bade053c199386effff9b8da6e0ee

    SHA256

    1a655f1730cb986f46b85e4457fe14188b9f2572a67681b5d9e5ad0772ba9531

    SHA512

    d12d4a4d6e1cb7147df7c521218c2cbefc7b4cbd0c7920bda94123786fc8961411067704c5dc757a608802dab7db51c3524e35038699d2eb612e7efc116bd396

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    b89cb861da85299cb18f7899998f28f0

    SHA1

    36cb906aa4a19a45642f1733ceeafd136409aed8

    SHA256

    10107f27860f21386c798ea1c5062d2cba98b67fec4c48fb976984c013b53d29

    SHA512

    aa5275ff36eb78a0b7757fffe99b0ec7409b643da8005f5a9a9cf4e1340e274c03283166a1574612b326ae661817fe827596a79afd153d6de4946d392fa77af0

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    53eb8f81d7a4bd4e52df4c34095fe3ae

    SHA1

    24878c875c09947e2bbf55b5df035195702b0b90

    SHA256

    f21a1bc3e5c245f1b744ee452510cdd3a978a4796f65cad06c5b34c7ad82a7db

    SHA512

    30797ccd0eaa2b365d657a68e3a63c8a00d59cead8d1e1b2d03a6ccb745a64abe155d9a7bb5f7d21542aa8cd99507429f6ab2fc5b01c405e0df51a656ed308a3

    Download Submit

  • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HVBRC7A9\plusone[2].js
    Filesize

    56KB

    MD5

    1944af3661da46249991197817b6cd8b

    SHA1

    f952df40ec79fafc7c798f37aff92878977376ed

    SHA256

    63326a1c4e0eddd3501f0a064b06a2708eb0362f3ae934f53145978d3d0799b5

    SHA512

    0bef19b32be337cfba179ed9ce4533a207cfe645d2e5fe0da9fadc7b01c72704fc89749670d1ac48b8d494675bc62ac089fdc4d8495979226f10828225594376

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Cab53DC.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Tar53DF.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit